chrome/utility/chrome_content_utility_client.cc - Issue 98603007: Launches a privileged utility process.

Unified Diff: chrome/utility/chrome_content_utility_client.cc

Issue 98603007: Launches a privileged utility process. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Cleans up ChildProcessLauncher implementations. Created 6 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« chrome/utility/chrome_content_utility_client.h ('K') | « chrome/utility/chrome_content_utility_client.h ('k') | chrome/utility/chrome_content_utility_client_unittest.cc » ('j') | content/browser/browser_child_process_host_impl.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/utility/chrome_content_utility_client.cc

diff --git a/chrome/utility/chrome_content_utility_client.cc b/chrome/utility/chrome_content_utility_client.cc

index b8f83f05c01132a69070929806b3baef7ea0d665..5298e5711db162a02badf0e82b24a18e348579da 100644

--- a/chrome/utility/chrome_content_utility_client.cc

+++ b/chrome/utility/chrome_content_utility_client.cc

@@ -67,6 +67,11 @@ namespace chrome {

namespace {

+// This whitelist is the default list of whitelist entries when running

+// elevated.

+static const uint32 kMessageWhitelist[] = { 0 };

+static const size_t kMessageWhitelistSize = arraysize(kMessageWhitelist);

bool Send(IPC::Message* message) {

return content::UtilityThread::Get()->Send(message);

}

@@ -77,7 +82,8 @@ void ReleaseProcessIfNeeded() {

} // namespace

-ChromeContentUtilityClient::ChromeContentUtilityClient() {

+ChromeContentUtilityClient::ChromeContentUtilityClient()

+ : filter_messages_(false) {

#if !defined(OS_ANDROID)

handlers_.push_back(new ProfileImportHandler());

#endif // OS_ANDROID

@@ -109,10 +115,26 @@ void ChromeContentUtilityClient::UtilityThreadStarted() {

std::string lang = command_line->GetSwitchValueASCII(switches::kLang);

if (!lang.empty())

extension_l10n_util::SetProcessLocale(lang);

+ if (command_line->HasSwitch(switches::kUtilityProcessRunningElevated)) {

+ DVLOG(0) << "Utility process is running elevated, restricting messages.";

+ for (size_t i = 0; i < kMessageWhitelistSize; i++) {

+ message_id_whitelist_.insert(kMessageWhitelist[i]);

+ }

+ filter_messages_ = true;

+ }

}

bool ChromeContentUtilityClient::OnMessageReceived(

const IPC::Message& message) {

+ if (filter_messages_

+ && message_id_whitelist_.find(message.type())

+ == message_id_whitelist_.end()) {

+ DVLOG(0) << "Message rejected, not in whitelist: "

+ << message.type();

+ return false;

+ }

bool handled = true;

IPC_BEGIN_MESSAGE_MAP(ChromeContentUtilityClient, message)

IPC_MESSAGE_HANDLER(ChromeUtilityMsg_UnpackExtension, OnUnpackExtension)

@@ -179,6 +201,14 @@ void ChromeContentUtilityClient::PreSandboxStartup() {

media::InitializeMediaLibrary(media_path);

}

+void ChromeContentUtilityClient::AddHandler(UtilityMessageHandler* handler) {

+ handlers_.push_back(handler);

+void ChromeContentUtilityClient::AddWhitelistMessageType(int message_type) {

+ message_id_whitelist_.insert(message_type);

void ChromeContentUtilityClient::OnUnpackExtension(

const base::FilePath& extension_path,

const std::string& extension_id,